Axonius is a well-funded mid-stage startup with cybersecurity asset management (CAM) and SaaS management (SM) solutions supporting cloud asset compliance, policy enforcement, software asset management, and vulnerability management. Axonius was founded in 2017 and is headquartered in New York City. Axonius CAM is SaaS-delivered from public IaaS data centers on four continents.

Balbix is a VC funded mid-stage start-up that was established in 2015 and is headquartered in San Jose, California.

Founded as ‘Stach & Liu’ in 2005 by Vincent Liu and Fran Brown, the company was rebranded in 2013 as Bishop Fox. They are headquartered in Tempe, Arizona, with additional offices in Mexico, Spain, and the UK.

Bitsight Technologies launched in 2011. They are headquartered in Boston, Massachusetts. Bitsight offers ASM in their Security Performance Management solution, as well as solutions for third party and vendor risk management and cyber insurance. Bitsight has specific products for cyber insurers and national governments.

CYFIRMA is headquartered in Singapore and has additional offices in India, Japan, and the US. The company was established in 2017. DeCYFIR is their ASM (External Threat Landscape Management) solution, and they also have digital risk evaluation services and a mobile app defense product. CYFIRMA External Threat Landscape Management (ETLM) model integrates cyber intelligence, attack surface discovery, vulnerability intelligence, brand intelligence, situational awareness, and digital risk protection, providing organizations with a comprehensive view of their threat landscape. CYFIRMA’s solutions are SaaS-delivered from public IaaS facilities in the APAC region and the US. Pricing is per monitored domain.

ymulate was founded in 2015 in Israel, and has multiple offices across Asia, Europe, Latin America, and the US. Cymulate is a mid-stage VC-funded company with a platform that includes ASM, exposure analytics, continuous automated red teaming, and BAS.

Darktrace was founded in 2013 in Cambridge, UK. Darktrace is a publicly traded cybersecurity company with many offices around the globe. Darktrace acquired Cybersprint, an ASM specialist vendor, in 2022.

Detectify was founded in 2014 in Stockholm, Sweden. It has offices in Boston, Massachusetts, and Stockholm, Sweden. They are a VC-funded EASM and application security specialist firm having a background in Dynamic Application Security Testing (DAST). The primary components are Attack Surface Monitoring and Application Scanning delivered in a unified platform. Their EASM services are SaaS-delivered, and there are no on-premises agents or appliances to install.

Fortinet is a public, US-based cybersecurity company founded in 2000 and headquartered in Sunnyvale, California, with a single, global SOC staffed by analysts in the US, Canada, UK, Germany, India, Philippines, and Japan. Most customers are US-based, followed by EMEA, predominantly in the medium enterprise segment, followed by mid-market enterprises.

Privately held Group-IB was founded in 2003 and their global HQ is located in Singapore. Beyond FRIP services, Group-IB offers threat intelligence, Attack Surface Management, business email protection, and anti-piracy products. Group-IB Fraud Protection has functionality in compromised credential and device intelligence, UBA, behavioral biometrics, and bot detection.

Hadrian is an early-stage startup that launched in 2021. They are based in Amsterdam, Netherlands. The Hadrian platform covers asset discovery and management, ASM, continuous automated red teaming, and exposure management. Hadrian’s platform is SaaS, and there are no agents available for on-premises installation. Subscription pricing is based on the number of uniquely identified assets.

Privately owned Halo Security started up in 2013. The company is based in Miami Beach, Florida.

IBM Corporation is a multinational technology and consulting company headquartered in Armonk, New York, USA. Founded in 1911, IBM has evolved from a computing hardware manufacturer into offering a broad range of software solutions, infrastructure hosting, and consulting services in such high-value markets as business intelligence, data analytics, cloud computing, virtualization, information security, and identity and access management. With a strong global presence and customers and partners across the globe, IBM is a major player in the market.

IONIX (formerly Cyberpion) launched in Israel in 2017. In 2023, the company rebranded as IONIX, a VC-funded startup focused on ASM and risk remediation.

JupiterOne was founded in 2020 and is headquartered in Morrisville, North Carolina. Its product, JupiterOne, is a cyber asset attack surface management (CAASM) platform that provides visibility into the security of an organization’s cyber assets.

KELA is headquartered in Tel Aviv, Israel and has additional offices in London, Madrid, New York, Singapore, and Tokyo. The company was established in 2015 and is privately owned. In addition to serving the EASM market, KELA provides cyber intelligence for fraud prevention and law enforcement investigations. The solution is SaaS-based and agentless, but there are options for on-premises installation. Pricing is based on the number of concurrent users and sizes of customer organizations.

Palo Alto Networks, founded in 2005 in Santa Clara, California, is the pioneer in Next Generation Firewall (NGFW) technology. Palo Alto Networks also offers endpoint security, SASE, SOAR, XDR, threat intelligence feeds, Cloud Native Application Protection Platform (CNAPP), and other security products.

Panaseer was founded in 2014 and is headquartered in London, UK. Panaseer is a VC-funded company.

Sweepatic is a privately owned EASM specialist firm based in Belgium, founded in 2016 and acquired by cyber risk management vendor Outpost24 in 2023.